VirtualBox

source: vbox/trunk/src/libs/openssl-1.1.1k/crypto/rand/randfile.c@ 91108

Last change on this file since 91108 was 90293, checked in by vboxsync, 4 years ago

openssl-1.1.1k: Applied and adjusted our OpenSSL changes to 1.1.1k. bugref:10072
File size: 9.5 KB
Line 
1/*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include "internal/cryptlib.h"
11
12#include <errno.h>
13#include <stdio.h>
14#include <stdlib.h>
15#include <string.h>
16
17#include <openssl/crypto.h>
18#include <openssl/rand.h>
19#include <openssl/rand_drbg.h>
20#include <openssl/buffer.h>
21
22#ifdef OPENSSL_SYS_VMS
23# include <unixio.h>
24#endif
25#include <sys/types.h>
26#ifndef OPENSSL_NO_POSIX_IO
27# include <sys/stat.h>
28# include <fcntl.h>
29# if defined(_WIN32) && !defined(_WIN32_WCE)
30# ifdef VBOX
31# include <iprt/win/windows.h>
32# else
33# include <windows.h>
34# endif
35# include <io.h>
36# define stat _stat
37# define chmod _chmod
38# define open _open
39# define fdopen _fdopen
40# define fstat _fstat
41# define fileno _fileno
42# endif
43#endif
44
45/*
46 * Following should not be needed, and we could have been stricter
47 * and demand S_IS*. But some systems just don't comply... Formally
48 * below macros are "anatomically incorrect", because normally they
49 * would look like ((m) & MASK == TYPE), but since MASK availability
50 * is as questionable, we settle for this poor-man fallback...
51 */
52# if !defined(S_ISREG)
53# define S_ISREG(m) ((m) & S_IFREG)
54# endif
55
56#define RAND_BUF_SIZE 1024
57#define RFILE ".rnd"
58
59#ifdef OPENSSL_SYS_VMS
60/*
61 * __FILE_ptr32 is a type provided by DEC C headers (types.h specifically)
62 * to make sure the FILE* is a 32-bit pointer no matter what. We know that
63 * stdio functions return this type (a study of stdio.h proves it).
64 *
65 * This declaration is a nasty hack to get around vms' extension to fopen for
66 * passing in sharing options being disabled by /STANDARD=ANSI89
67 */
68static __FILE_ptr32 (*const vms_fopen)(const char *, const char *, ...) =
69 (__FILE_ptr32 (*)(const char *, const char *, ...))fopen;
70# define VMS_OPEN_ATTRS \
71 "shr=get,put,upd,del","ctx=bin,stm","rfm=stm","rat=none","mrs=0"
72# define openssl_fopen(fname, mode) vms_fopen((fname), (mode), VMS_OPEN_ATTRS)
73#endif
74
75/*
76 * Note that these functions are intended for seed files only. Entropy
77 * devices and EGD sockets are handled in rand_unix.c If |bytes| is
78 * -1 read the complete file; otherwise read the specified amount.
79 */
80int RAND_load_file(const char *file, long bytes)
81{
82 /*
83 * The load buffer size exceeds the chunk size by the comfortable amount
84 * of 'RAND_DRBG_STRENGTH' bytes (not bits!). This is done on purpose
85 * to avoid calling RAND_add() with a small final chunk. Instead, such
86 * a small final chunk will be added together with the previous chunk
87 * (unless it's the only one).
88 */
89#define RAND_LOAD_BUF_SIZE (RAND_BUF_SIZE + RAND_DRBG_STRENGTH)
90 unsigned char buf[RAND_LOAD_BUF_SIZE];
91
92#ifndef OPENSSL_NO_POSIX_IO
93 struct stat sb;
94#endif
95 int i, n, ret = 0;
96 FILE *in;
97
98 if (bytes == 0)
99 return 0;
100
101 if ((in = openssl_fopen(file, "rb")) == NULL) {
102 RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_CANNOT_OPEN_FILE);
103 ERR_add_error_data(2, "Filename=", file);
104 return -1;
105 }
106
107#ifndef OPENSSL_NO_POSIX_IO
108 if (fstat(fileno(in), &sb) < 0) {
109 RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_INTERNAL_ERROR);
110 ERR_add_error_data(2, "Filename=", file);
111 fclose(in);
112 return -1;
113 }
114
115 if (bytes < 0) {
116 if (S_ISREG(sb.st_mode))
117 bytes = sb.st_size;
118 else
119 bytes = RAND_DRBG_STRENGTH;
120 }
121#endif
122 /*
123 * On VMS, setbuf() will only take 32-bit pointers, and a compilation
124 * with /POINTER_SIZE=64 will give off a MAYLOSEDATA2 warning here.
125 * However, we trust that the C RTL will never give us a FILE pointer
126 * above the first 4 GB of memory, so we simply turn off the warning
127 * temporarily.
128 */
129#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
130# pragma environment save
131# pragma message disable maylosedata2
132#endif
133 /*
134 * Don't buffer, because even if |file| is regular file, we have
135 * no control over the buffer, so why would we want a copy of its
136 * contents lying around?
137 */
138 setbuf(in, NULL);
139#if defined(OPENSSL_SYS_VMS) && defined(__DECC)
140# pragma environment restore
141#endif
142
143 for ( ; ; ) {
144 if (bytes > 0)
145 n = (bytes <= RAND_LOAD_BUF_SIZE) ? (int)bytes : RAND_BUF_SIZE;
146 else
147 n = RAND_LOAD_BUF_SIZE;
148 i = fread(buf, 1, n, in);
149#ifdef EINTR
150 if (ferror(in) && errno == EINTR){
151 clearerr(in);
152 if (i == 0)
153 continue;
154 }
155#endif
156 if (i == 0)
157 break;
158
159 RAND_add(buf, i, (double)i);
160 ret += i;
161
162 /* If given a bytecount, and we did it, break. */
163 if (bytes > 0 && (bytes -= i) <= 0)
164 break;
165 }
166
167 OPENSSL_cleanse(buf, sizeof(buf));
168 fclose(in);
169 if (!RAND_status()) {
170 RANDerr(RAND_F_RAND_LOAD_FILE, RAND_R_RESEED_ERROR);
171 ERR_add_error_data(2, "Filename=", file);
172 return -1;
173 }
174
175 return ret;
176}
177
178int RAND_write_file(const char *file)
179{
180 unsigned char buf[RAND_BUF_SIZE];
181 int ret = -1;
182 FILE *out = NULL;
183#ifndef OPENSSL_NO_POSIX_IO
184 struct stat sb;
185
186 if (stat(file, &sb) >= 0 && !S_ISREG(sb.st_mode)) {
187 RANDerr(RAND_F_RAND_WRITE_FILE, RAND_R_NOT_A_REGULAR_FILE);
188 ERR_add_error_data(2, "Filename=", file);
189 return -1;
190 }
191#endif
192
193 /* Collect enough random data. */
194 if (RAND_priv_bytes(buf, (int)sizeof(buf)) != 1)
195 return -1;
196
197#if defined(O_CREAT) && !defined(OPENSSL_NO_POSIX_IO) && \
198 !defined(OPENSSL_SYS_VMS) && !defined(OPENSSL_SYS_WINDOWS)
199 {
200# ifndef O_BINARY
201# define O_BINARY 0
202# endif
203 /*
204 * chmod(..., 0600) is too late to protect the file, permissions
205 * should be restrictive from the start
206 */
207 int fd = open(file, O_WRONLY | O_CREAT | O_BINARY, 0600);
208 if (fd != -1)
209 out = fdopen(fd, "wb");
210 }
211#endif
212
213#ifdef OPENSSL_SYS_VMS
214 /*
215 * VMS NOTE: Prior versions of this routine created a _new_ version of
216 * the rand file for each call into this routine, then deleted all
217 * existing versions named ;-1, and finally renamed the current version
218 * as ';1'. Under concurrent usage, this resulted in an RMS race
219 * condition in rename() which could orphan files (see vms message help
220 * for RMS$_REENT). With the fopen() calls below, openssl/VMS now shares
221 * the top-level version of the rand file. Note that there may still be
222 * conditions where the top-level rand file is locked. If so, this code
223 * will then create a new version of the rand file. Without the delete
224 * and rename code, this can result in ascending file versions that stop
225 * at version 32767, and this routine will then return an error. The
226 * remedy for this is to recode the calling application to avoid
227 * concurrent use of the rand file, or synchronize usage at the
228 * application level. Also consider whether or not you NEED a persistent
229 * rand file in a concurrent use situation.
230 */
231 out = openssl_fopen(file, "rb+");
232#endif
233
234 if (out == NULL)
235 out = openssl_fopen(file, "wb");
236 if (out == NULL) {
237 RANDerr(RAND_F_RAND_WRITE_FILE, RAND_R_CANNOT_OPEN_FILE);
238 ERR_add_error_data(2, "Filename=", file);
239 return -1;
240 }
241
242#if !defined(NO_CHMOD) && !defined(OPENSSL_NO_POSIX_IO)
243 /*
244 * Yes it's late to do this (see above comment), but better than nothing.
245 */
246 chmod(file, 0600);
247#endif
248
249 ret = fwrite(buf, 1, RAND_BUF_SIZE, out);
250 fclose(out);
251 OPENSSL_cleanse(buf, RAND_BUF_SIZE);
252 return ret;
253}
254
255const char *RAND_file_name(char *buf, size_t size)
256{
257 char *s = NULL;
258 size_t len;
259 int use_randfile = 1;
260
261#if defined(_WIN32) && defined(CP_UTF8) && !defined(_WIN32_WCE)
262 DWORD envlen;
263 WCHAR *var;
264
265 /* Look up various environment variables. */
266 if ((envlen = GetEnvironmentVariableW(var = L"RANDFILE", NULL, 0)) == 0) {
267 use_randfile = 0;
268 if ((envlen = GetEnvironmentVariableW(var = L"HOME", NULL, 0)) == 0
269 && (envlen = GetEnvironmentVariableW(var = L"USERPROFILE",
270 NULL, 0)) == 0)
271 envlen = GetEnvironmentVariableW(var = L"SYSTEMROOT", NULL, 0);
272 }
273
274 /* If we got a value, allocate space to hold it and then get it. */
275 if (envlen != 0) {
276 int sz;
277 WCHAR *val = _alloca(envlen * sizeof(WCHAR));
278
279 if (GetEnvironmentVariableW(var, val, envlen) < envlen
280 && (sz = WideCharToMultiByte(CP_UTF8, 0, val, -1, NULL, 0,
281 NULL, NULL)) != 0) {
282 s = _alloca(sz);
283 if (WideCharToMultiByte(CP_UTF8, 0, val, -1, s, sz,
284 NULL, NULL) == 0)
285 s = NULL;
286 }
287 }
288#else
289 if ((s = ossl_safe_getenv("RANDFILE")) == NULL || *s == '\0') {
290 use_randfile = 0;
291 s = ossl_safe_getenv("HOME");
292 }
293#endif
294
295#ifdef DEFAULT_HOME
296 if (!use_randfile && s == NULL)
297 s = DEFAULT_HOME;
298#endif
299 if (s == NULL || *s == '\0')
300 return NULL;
301
302 len = strlen(s);
303 if (use_randfile) {
304 if (len + 1 >= size)
305 return NULL;
306 strcpy(buf, s);
307 } else {
308 if (len + 1 + strlen(RFILE) + 1 >= size)
309 return NULL;
310 strcpy(buf, s);
311#ifndef OPENSSL_SYS_VMS
312 strcat(buf, "/");
313#endif
314 strcat(buf, RFILE);
315 }
316
317 return buf;
318}
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette